Landmark EU Data Boundary for Microsoft Cloud is Complete

After two years, Microsoft has finally completed its E.U. Data Boundary, a solution for commercial and public sector cloud customers that lets them store and process their data within the E.U. and European Free Trade Association, which is the intergovernmental organisation of Iceland, Liechtenstein, Norway and Switzerland. This can be applied to Microsoft 365, Dynamics 365, Power Platform, and most Azure services.

SEE: UK Cloud Services Market ‘Not Working As Well As It Could,’ Says Competition Authority

What is the E.U. Data Boundary for the Microsoft Cloud?

The E.U. Data Boundary for the Microsoft Cloud was launched in January 2023, which saw European customer data from Microsoft Cloud’s core services being processed and stored locally. Over the next two years, the scope was gradually expanded to include pseudonymized personal data and “professional services” data, such as logs and case notes transferred between customers and Microsoft to facilitate technical support. Some customers may need to go through additional steps to acquire a professional services data storage commitment.

Microsoft also caveats that, in rare security incidents that require global intelligence, some customer data may be transferred outside the E.U. Data Boundary. However, it emphasizes that any such transfers would be carried out with robust security measures, including encryption and strict access controls, and would be communicated transparently.

E.U. regulators have long scrutinized Microsoft’s handling of cloud user data, citing concerns over data sovereignty, transparency, and compliance with GDPR. Other tech giants are in their crosshairs too, with Meta receiving a record €1.2 billion penalty in 2023 for mishandling user data transfers between the U.S. and Europe.

“The EU Data Boundary reflects Microsoft’s commitment to delivering unmatched cloud services that support European transparency, protect privacy, and enhance customer control,” Microsoft executives wrote in a blog post, and highlighted its over $20 billion investment in European AI and cloud infrastructure over the last 16 months.

Europe’s prolific data regulations

Europe has become famous for its prolific data regulations, including the General Data Protection Regulation, Germany’s Federal Data Protection Act, the U.K.’s Data Protection Act, and France’s CNIl guidelines. This means that European cloud users with their data spread about in data centres worldwide may find it difficult to comply with the necessary local laws.

A growing number of tech giants, including Amazon, Oracle, Google, and now Microsoft, are offering data residency solutions, allowing organisations greater control over where their data is kept to ensure compliance with such regulations.